Single Sign-On Generic Setup Steps

General Setup Steps

Not Specific to a Particular IDP

Though each Identity-provider (IDP) may vary, there are certain steps in the SSO setup process that remain the same across all platforms.

Exchange of MetadataiLMS Metadata can be downloaded from the Service Provider Section of our tool.Your IDPs (Identity provider) Metadata can be uploaded under the Identity provider section as well.This will create trust between the two parties.

Mapping of ValuesThe iLMS needs to know what values to expect from your system, and to which field in iLMS that value correlates.The most important value to map is the identifier.This will be based on the attribute name under which the value is passed, the most common of which is Name ID.By default Email Address is used as the identifier and is set as Name ID.If this differs for your system you are able to change the setting in the identifier section in iLMS.

Provisioning (Optional)If you are planning to provision with SAML as well there is a Create unrecognized Accounts option, and the rest of the Mandatory values (seen in iLMS) will need to be mapped across as well on both the IDP and iLMS side.

If you have Active Directory, we do recommend using LDAP provisioning in tandem with SAML to provision as this method is better at housekeeping. SAML can create accounts, but cannot inactivate them.

After the setupThe SSO connection can be tested with either our SP-initiated link (Found in the Service Provider Section of iLMS SSO: SAML Settings)It looks like this: https://www.inspiredlms.com/Login/Organization_NAME/consumer.aspx or you can utilize the IDP-initiated link from your provider.